public static IDictionary <PermissionType, int> GetRelatedPermissions(Content content, string permissionLevel, bool explicitOnly, string memberPath, IEnumerable <string> includedTypes)
{
var level = GetPermissionLevel(permissionLevel);
var member = GetMember(memberPath);
return(PermissionQuery.GetRelatedPermissions(content, level, explicitOnly, member, includedTypes));
}
public static IEnumerable <Content> GetRelatedIdentities(Content content, string permissionLevel, string identityKind)
{
var level = GetPermissionLevel(permissionLevel);
var kind = GetIdentityKind(identityKind);
return(PermissionQuery.GetRelatedIdentities(content, level, kind));
}
public static IEnumerable <Content> GetRelatedItemsOneLevel(Content content, string permissionLevel, string memberPath, string[] permissions)
{
var level = GetPermissionLevel(permissionLevel);
var member = GetMember(memberPath);
var perms = GetPermissionTypes(permissions);
return(PermissionQuery.GetRelatedItemsOneLevel(content, level, member, perms));
}
private static ChildPermissionInfo GetPermissionInfo(Content content, int[] identities, PermissionInfo[] inheritedPermissions)
{
// This method assembles a permission info object describing the provided content
// and all its inherited and subtree permissions as separate arrays.
var canSeePermissions = content.Security.HasPermission(PermissionType.SeePermissions);
// Load explicit entries on the content that belong to any of the relevant identities.
// If the current user (who browses the permission overview page) has no SeePermission
// permission for the content, simply use an empty array.
var explicitPermissions = canSeePermissions
? content.Security.GetExplicitEntries(EntryType.Normal).Where(e => identities.Contains(e.IdentityId)).ToArray()
: new AceInfo[0];
var explicitLocalOnlyPermissions = explicitPermissions.Where(ace => ace.LocalOnly).ToArray();
// prepare slots for all permission types
var permissionInfos = canSeePermissions
? PermissionType.BuiltInPermissionTypes.Select(p => new PermissionInfo {
Index = p.Index, Name = p.Name
}).ToArray()
: new PermissionInfo[0];
// Check if there are explicit permissions defined for any of the permission types.
// If not, use the inherited value.
foreach (var permissionInfo in permissionInfos)
{
if (explicitPermissions.Any(e => e.GetPermissionValues()[permissionInfo.Index] == PermissionValue.Denied))
{
permissionInfo.Type = "explicitdeny";
}
else if (explicitPermissions.Any(e => e.GetPermissionValues()[permissionInfo.Index] == PermissionValue.Allowed))
{
permissionInfo.Type = "explicitallow";
}
else
{
permissionInfo.Type = content.Security.IsInherited
? inheritedPermissions[permissionInfo.Index].Type
: "off";
}
// This flag means that among others there is at least one local-only entry
// containing this permission type. It is possible that there are inheritable
// permissions for the same type also, this is just a flag that indicates
// that there is something local-only here.
permissionInfo.LocalOnly = explicitLocalOnlyPermissions.Any(e => e.GetPermissionValues()[permissionInfo.Index] != PermissionValue.Undefined);
}
// Check subtree permission entries only if the user has SeePermission permission
// in the whole subtree, otherwise we would show partial data to the user.
var subtreePermissions = content.Security.HasSubTreePermission(PermissionType.SeePermissions)
? PermissionQuery.GetExplicitPermissionsInSubtree(content, identities, false)
: new Dictionary <PermissionType, int>();
return(new ChildPermissionInfo
{
Path = content.Path,
Name = content.Name,
DisplayName = content.DisplayName,
IsFolder = content.IsFolder,
Break = !content.Security.IsInherited,
Permissions = permissionInfos,
SubPermissions = subtreePermissions.Select((p, index) =>
new PermissionInfo
{
Name = p.Key.ToString(),
Index = index,
Type = p.Value > 0 ? "on" : "off"
}).Take(PermissionType.BuiltInPermissionTypes.Length).ToArray() //TODO: filter unused permissions correctly
});
}
public static IEnumerable <Content> GetParentGroups(Content content, bool directOnly)
{
return(PermissionQuery.GetParentGroups(content, directOnly));
}
public static IEnumerable <Content> GetAllowedUsers(Content content, string[] permissions)
{
var perms = GetPermissionTypes(permissions);
return(PermissionQuery.GetAllowedUsers(content, perms));
}